Commit Graph

52 Commits

Author SHA1 Message Date
Tom Christie
11a2468379 Access request.user.is_authenticated as property not method, under Django 1.10+ (#4358)
* For Django >=1.10 use user.is_authenticated, not user.is_authenticated()
2016-08-05 11:04:01 +01:00
Stephan Groß
a101251a2a Fix blank lines around docstrings 2016-03-17 11:06:47 +00:00
Aarni Koskela
69688289ce Ensure Django{Model,Object}Permissions don't hide exceptions.
Quietly catching `AttributeError` and `TypeError` when calling
`get_queryset()` is rather insidious, as those exceptions get caught no
matter where they might happen in the call stack.
2015-11-27 12:46:30 +02:00
Carlton Gibson
25de8c960f Remove Django 1.5 get_model_name fallback 2015-09-21 20:10:31 +02:00
José Padilla
7351a3f6ca Sort imports with isort 2015-06-25 16:55:51 -04:00
José Padilla
83c9136c90 Cleanup import following PEP 8 style guide 2015-06-25 16:10:17 -04:00
Nicolas Delaby
031ac2a292 Allow DjangoObjectPermissions to use views that define get_queryset 2015-05-13 14:26:44 +02:00
Nicolas Delaby
24e9473036 Improve error message. 2015-04-22 11:22:37 +02:00
Nicolas Delaby
6f66798ad3 Prevent empty querysets to raises AssertionError. 2015-04-22 11:13:09 +02:00
Nicolas Delaby
c2e536bfda Tell DjangoModelPermissions to rely on get_queryset first. 2015-04-22 10:18:30 +02:00
Tymur Maryokhin
1ddfef1212 Removed deprecated '.model' attribute check 2015-04-12 17:12:01 +02:00
Di Wu
48e1f151c5 use SAFE_METHODS and make tuple 2015-03-16 22:13:07 -07:00
Tom Christie
baaa356489 Merge master 2014-12-12 15:37:43 +00:00
Tymur Maryokhin
d9930181ee Removed unused imports, pep8 fixes, typo fixes 2014-12-05 00:29:28 +01:00
Jharrod LaFon
baa518cd89 Moved OAuth support out of DRF and into a separate package, per #1767 2014-09-05 15:30:01 -07:00
Tom Christie
4d8c63abc9 Deprecate .model in related routers/permissions 2014-08-20 17:15:46 +01:00
Tom Christie
bf09c32de8 Code linting and added runtests.py 2014-08-19 13:28:07 +01:00
Tom Christie
52686420f4 Merge branch 'bennbollay-patch-1' into 2.4.0
Conflicts:
	.travis.yml
	docs/api-guide/routers.md
	rest_framework/compat.py
	tox.ini
2013-12-23 09:48:59 +00:00
amatellanes
2d6d725c2f Simplified some functions 2013-12-22 12:39:47 +01:00
Tom Christie
9c41c007af Merge branch 'master' into 2.4.0
Conflicts:
	.travis.yml
	docs/api-guide/routers.md
	docs/topics/release-notes.md
	rest_framework/compat.py
2013-12-13 16:32:34 +00:00
Tom Christie
21cd638659 Merge master 2013-09-25 09:44:26 +01:00
Markus Kaiserswerth
abbe9213f9 Address pending deprecation of Model._meta.module_name in Django 1.6 2013-09-23 17:48:25 +02:00
Tom Christie
5970baa201 Tweaks and docs to object-level model permissions. 2013-09-10 21:00:13 +01:00
bwreilly
23fc9dd53f better doc for object permissions, drop redundant has_permission call 2013-09-09 09:32:29 -07:00
bwreilly
0183c69538 removed unnecessary guardian req and view.action parsing 2013-09-09 08:39:09 -07:00
bwreilly
9ff0f6d3bf switch to a dedicated filter for read list object permissions 2013-09-07 23:48:03 -05:00
bwreilly
118645e480 first pass at object level permissions and tests 2013-09-07 23:18:52 -05:00
bwreilly
b07de86ad3 some properly failing tests, set up for standard permissions 2013-09-06 12:35:06 -05:00
bwreilly
4a9dcfa760 added guardian as optional requirement, stubbed out object-level permission class 2013-09-06 11:01:31 -05:00
Tom Christie
3fcc01273c Remove deprecated code 2013-06-27 20:29:52 +01:00
Tom Christie
6d2ca75d8e Don't raise AttributeError on views with no model or queryset, when using DjangoModelPermissions 2013-06-18 11:10:56 +01:00
Tom Christie
aff88d15f7 Version 2.3.3 2013-05-16 15:08:12 +01:00
Tom Christie
b65b065375 Add DjangoModelPermissionsOrAnonReadOnly 2013-04-30 14:34:28 +01:00
Tom Christie
dc7b1d6430 2.2's PendingDeprecationWarnings now become DeprecationWarnings. 2.3's PendingDeprecationWarnings added. 2013-04-29 12:45:00 +01:00
Tom Christie
4bf1a09bae Ensure implementation of reverse relations in 'fields' is backwards compatible 2013-04-23 11:31:38 +01:00
Tom Christie
043d748b53 Tweak 2013-03-12 20:12:28 +00:00
Tom Christie
f513db714d Clean up TokenHasReadWriteScope slightly 2013-03-12 19:07:30 +00:00
Tom Christie
e8db504a98 Merge master 2013-03-12 18:49:38 +00:00
Pierre Dulac
eec8efafc3 Add the implementation for TokenHasReadWriteScope permissions w/ oauth 1 2013-03-10 14:40:20 +01:00
Pierre Dulac
e03906a5c4 Add TokenHasReadWriteScope class for permissions based on scopes 2013-03-10 14:08:29 +01:00
Tom Christie
69d169f5f6 Neater override hooks and more docs for DjangoModelPermissions.
Refs #702.
2013-03-08 23:42:20 +00:00
Tom Christie
09b01887f2 New style object-level permission checks 2013-02-12 08:58:28 +00:00
Tom Christie
69dcf13da9 Bugfix for DjangoModelPermissions. Fixes #437
Turns out that Django's default permissions backend always returns
False when checking object-level permissions, even if the user does
have valid global permissions.
2013-02-10 16:43:52 +00:00
Tom Christie
b052c92ac3 Cleanup imports
Mostly adding `from __future__ import unicode_literals` everywhere.
2013-02-04 20:55:35 +00:00
Tom Christie
fd89bca35f Version 2.1.6. AKA: I am a doofus. 2012-11-23 13:21:18 +00:00
Tom Christie
412f737ab2 Typo. Fixes #437. 2012-11-23 13:09:14 +00:00
Tom Christie
af96fe05d0 Add AllowAny class 2012-10-27 20:17:49 +01:00
Tom Christie
44207a347a pep8 2012-10-27 10:33:01 +01:00
Tom Christie
9c1fba3483 Tweak parsers to take parser_context 2012-10-15 13:27:50 +01:00
Tom Christie
ccd2b0117d Permissions and throttles no longer have a view attribute on self. Explicitly passed to .has_permissions(request, view, obj=None) / .allow_request(request, view) 2012-10-10 10:02:37 +01:00